Your web application is hosted on infrastructure with a permanently active protection layer that acts as a filter at the entry point: it allows legitimate visitors through and intercepts malicious automated traffic before it reaches your instance. Most of the time, this layer operates transparently - neither you nor your visitors notice its presence, which is precisely the goal.


This article describes, in accessible language, how this protection works and the meaning of the communications you may receive whenever it becomes necessary to reinforce the security level in response to an attack.


Why does my application need protection?


Any service exposed to the internet receives, on a daily basis, a considerable volume of requests that do not originate from humans. These are automated programs - commonly referred to as bots. Some are legitimate and desirable (such as Google, which indexes content so it appears in search results). Others have malicious intent:

  • Systematic attempts to guess administration credentials.
  • Exploitation of vulnerabilities in outdated components to compromise the application.
  • Massive, unauthorised harvesting of content (prices, texts, images).
  • Overloading the server with excessive requests, degrading performance or service availability.


This protection layer was designed to distinguish legitimate visitors from malicious automated agents and act accordingly, autonomously and continuously.


How does it work?


The system operates at three levels, from the lightest to the most robust, applying at any given moment only the level strictly necessary.


Level 1 — Baseline protection (permanently active)
Automatically filters manifestly malicious requests and applies rate-limiting, restricting the frequency of requests per source to prevent abuse and overload. It operates silently and transparently. Legitimate visitors are not affected.


Level 2 — Browser verification (activated when necessary)
In the face of suspicious activity, the application may briefly display an automatic verification page. The process is instantaneous, completes on its own in about a second, and requires no action from the visitor. Automated agents unable to complete this verification are blocked.


Level 3 — Reinforced verification (reserved for intense attacks)
In high-intensity attack scenarios, a more demanding verification is activated. The visitor's browser performs, in the background, a validation calculation that takes a few seconds, accompanied by a progress bar. The process is harmless and automatic for real users, but makes it economically unfeasible to coordinate an attack from multiple sources simultaneously.
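The cost asymmetry behind Level 3 can be seen in a short sketch. This is an added example, not the code of the protection layer described here: the article does not say which calculation is used, so a hashcash-style SHA-256 puzzle is assumed, and the key, function names and IP addresses are constructed for illustration.

```python
import hashlib, hmac, os, time

SERVER_KEY = b"constructed-demo-key"  # assumption: secret known only to the filter

def _tag(payload: str) -> str:
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()

def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def issue_challenge(client_ip, difficulty_bits, now=None):
    """Stateless challenge: source, time and difficulty are bound by an HMAC."""
    ts = int(time.time() if now is None else now)
    payload = f"{client_ip}|{ts}|{difficulty_bits}|{os.urandom(8).hex()}"
    return f"{payload}|{_tag(payload)}"

def _work(challenge, counter) -> bytes:
    return hashlib.sha256(f"{challenge}|{counter}".encode()).digest()

def solve(challenge):
    """The browser's background calculation: about 2**bits hashes on average."""
    bits = int(challenge.split("|")[2])
    counter = 0
    while leading_zero_bits(_work(challenge, counter)) < bits:
        counter += 1
    return counter

def verify(challenge, counter, client_ip, max_age=120, now=None):
    """The filter's side: one HMAC and one hash, whatever the client spent."""
    parts = challenge.split("|")
    if len(parts) != 5:
        return False
    ip, ts, bits, nonce, tag = parts
    expected = _tag(f"{ip}|{ts}|{bits}|{nonce}")
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return False  # forged, or difficulty/source/time was altered
    if ip != client_ip:
        return False  # solved for one source, presented by another
    age = int(time.time() if now is None else now) - int(ts)
    if not 0 <= age <= max_age:
        return False  # expired: old solutions cannot be stockpiled
    return leading_zero_bits(_work(challenge, counter)) >= int(bits)

if __name__ == "__main__":
    ch = issue_challenge("203.0.113.7", 16)
    print(verify(ch, solve(ch), "203.0.113.7"))
```

Each extra difficulty bit doubles the expected work per request for the client while verification stays constant, which is why the cost falls on whoever sends the most requests. A deployment would also need to remember used challenges for their lifetime so one solution cannot be replayed.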


How is the activation of a reinforced level communicated?


Whenever we reinforce the protection of a domain, our support team opens a ticket informing you of the situation. This ticket identifies the affected domain, the nature of the detected event, and the protection level activated.


By way of example, you may receive a communication similar to the following:


"Following the detection of an automated content scraping attack targeting the domain example.com, Security Level 2 has been activated for the said domain. The application remains fully available and your legitimate visitors are not affected."


This communication is informational in nature: it requires no action on your part. The activation is a protective measure that ensures the continuity and security of the service for the duration of the attack.


Will my visitors be affected?


For the vast majority, no. A visitor using a current browser (Chrome, Safari, Edge, or Firefox) clears the verifications automatically, within one to a few seconds, with no interaction required. From that point on, they browse normally and are not prompted with further verifications during the session.


The only accesses effectively blocked are those of malicious automated agents - which is exactly the intended behaviour.


Is Google indexing affected?


No. Legitimate search engines, such as Google, are recognised by the system and are never subjected to the verifications. The indexing and ranking of your application in search results remain unchanged.


What is expected of me?


Nothing specific - managing this protection layer is our responsibility. Nevertheless, we recommend maintaining good security practices for your application:

  • Keep the application and its components (themes, extensions, libraries) up to date.
  • Use strong credentials for access to the administration area.
  • Remove components and features that are no longer in use.


Frequently asked questions


A verification page appeared in English (for example, "Checking your browser..."). Is this normal?


Yes. This is the automatic security verification at work. The message is displayed in English for reasons of universal compatibility, and the process completes on its own within a few seconds. Its appearance indicates that the protection is operating correctly.


Has the application become slower?


The system was designed for minimal impact on performance. A visitor's first access may entail one to a few additional seconds; subsequent navigation proceeds at the usual speed.


Does this protection replace the application's own security measures?


No. It operates at a layer prior to the application, intercepting malicious traffic before it reaches the application and thereby easing the load on the server. It complements - it does not replace - the good security practices implemented within the application itself.


For how long does the reinforced level remain active?


For as long as necessary, until the attack ceases. As soon as the situation stabilises, the system automatically returns to the baseline level. In most cases, this is a matter of a few hours.


Need further clarification?


Should you have detected anything unusual in your application or wish to clarify any aspect concerning the protection, our support team is at your disposal. Our commitment is to ensure that your service remains secure and permanently available.